Android being an open source OS is never considered good on part of security concerns. It is so because it relies heavily on its vendors to push updates which might have some vulnerable links. There is no check in the android for the malware or suspected links that might have been added to the mobile application.
While downloading a mobile app, we the users, hardly give attention to the extent of permissions allowed by us to the app. It is just like reading and accepting the Terms & Conditions of a software license, no goes through it, just click OK. It is alarming that most of the mobile apps ask for more permission that required to perform the task.
There is no regulated environment in the android platform to control the unwanted content in the applications. This is the reason why enterprises shy away from Android and adopt products from Microsoft and Apple. Android tried to address this issue at their Google I/O with new Trust API, Project Abacus and Smart Lock.
Project Abacus – No more Passwords
Project Abacus that was named in Google I/o 2015 is one of the ambitious project of Google for Android Security. It was based on the survey finding that most of the users are not good at remembering passwords. Therefore it is important to create an environment that could ensure system security.
Authentication should not depend on user’s memory skills, rather on the behaviour of the user. Abacus analyses typing pattern and voice quality, combined with other signals from the sensors in the phone. It calculates the probability of user behaviour to ensure the credibility.
Trust API – Analysing the Behaviour
Android system features Trust API that analyses user’s on-screen activities to furnish trust score to them. The trust score is based on various user-specific data points, such as current location, facial recognition and typing patterns. The authentication system provided by Trust API offer several security slabs. These slabs provide a permit to the user to work with certain type or category of mobile apps.
Depending on the user’s trust score the security system opens up the slab which is just right for them. For example, mobile banking apps are accessible only to user with highest trust score(owner) whereas chrome browser is open for all the users. Whenever the system smells fishy, it prompts the user for fingerprint scan or a pin based authentication.
Smart Lock for Biometric Detection
Smart locks users accelerometer to sense human holding and automatic unlocking. Any sudden jerks to the smartphone are also sensed to automatically lock the phone when it is forcefully snatched.
It also allows users to set trusted place, device, face or voice and automatically unlocks when triggered by it. For example, if you enable airport as a trusted place, once you are there, device senses your location through GPS and unlocks device automatically.
Likewise, you can enable your car as trusted device so when you are in it the device unlocks and is ready for any Bluetooth or infrared transfer. In the same manner, the security system also allows you to store certain face or voice patterns to allow access to your trusted friend or relatives.
Nowadays with so many cases of thefts and misuse of smartphones being reported in daily news, these security features are certainly expected to help in tracing out. Its all about technology, helping us with better and secured living.